VYPR

AMD processors

by AMD

CVEs (34)

  • CVE-2021-26349MedMay 11, 2022
    risk 0.36cvss 5.5epss 0.00

    Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA).

  • CVE-2021-26348MedMay 11, 2022
    risk 0.36cvss 5.5epss 0.00

    Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.

  • CVE-2021-26339MedMay 11, 2022
    risk 0.36cvss 5.5epss 0.00

    A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated…

  • CVE-2021-26401MedMar 11, 2022
    risk 0.36cvss 5.6epss 0.00

    LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.

  • CVE-2021-26312MedNov 16, 2021
    risk 0.36cvss 5.5epss 0.00

    Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.

  • CVE-2023-20584MedAug 13, 2024
    risk 0.34cvss 5.3epss 0.00

    IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.

  • CVE-2023-20583MedAug 1, 2023
    risk 0.31cvss 4.7epss 0.00

    A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information.

  • CVE-2022-27672MedMar 1, 2023
    risk 0.31cvss 4.7epss 0.00

    When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.

  • CVE-2021-26350MedMay 11, 2022
    risk 0.31cvss 4.7epss 0.00

    A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a message port register which may result in a potential denial of service.

  • CVE-2021-26400MedMay 11, 2022
    risk 0.26cvss 4.0epss 0.00

    AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage.

  • CVE-2024-36349LowJul 8, 2025
    risk 0.25cvss 3.8epss 0.00

    A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.

  • CVE-2024-36348LowJul 8, 2025
    risk 0.25cvss 3.8epss 0.00

    A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage.

  • CVE-2021-26342LowMay 11, 2022
    risk 0.21cvss 3.3epss 0.00

    In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). The failure to flush the TLB may cause the microcode to use stale TLB…

  • CVE-2022-23830LowNov 14, 2023
    risk 0.12cvss 1.9epss 0.00

    SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity.

Page 2 of 2